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ABBREVIATIONS 

CCF Common Cause Failure 

CD Fraction of Dangerous Failures Detected by Automatic Self-testing 
CS Fraction of Safe Failures Detected by Automatic Self-testing 
EGPC Egyptian General Petroleum Company 

ESD Emergency Shutdown 

ESDV Emergency Shutdown Valve 

FEED Front End Engineering Design 

ICSS Integrated Control & Safety System 

ITT Invitation to Tender 

KPC Khalda Petroleum company 

MMSCFD | Million Standard Cubic Feet Per Day 

MTTR Mean Time To Repair 

OREDA Offshore Reliability Data 

PDS Norwegian acronym for ‘Reliability of Computer Based Safety Systems’ 
PFD Probability of Failure on Demand 

Por Probability of Test independent Failures 

SFF Safe Failure Fraction 

SIL Safety Integrity Level 

SOL Start Of Line 

B Common Cause Failure Factor 

Merit Rate of Critical Failures 

An Rate of Dangerous Failures 

App Dangerous Detected Failure Rate 

Abu Rate of Dangerous Undetected Failures 

Asu Rate of Safe Undetected Failures 
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1 INTRODUCTION 


1.1 Project Background 


Qasr is a large, normally pressured gas-condensate reservoir located in the Western 
Desert of Egypt approximately 525 km west of Cairo. The field is operated by Khalda 
Petroleum Company (KPC), a joint venture between Apache Corporation and 
Egyptian General Petroleum Company (EGPC). 


Figure 1-1 Qasr Development Location 
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Qasr -525 Km West of Cairo 


Field production is initially handled at the Start of Line (SOL) Qasr Plant. After initial 
treatment (cooling and water removal) the gas/condensate is exported to a 
combination of the Salam, Tarek and Obaiyed gas plants for further treatment. 


The Qasr gas and condensate currently free flows from the wellheads through the 
Qasr Phase | and Phase II facilities and export pipelines to the Shams manifold and 
Salam gas plant under reservoir pressure. As the reservoir pressure declines the 
peak gas rate of 800 mmscfd will no longer be achieveable. The Qasr Compression 
Project is designed to improve recovery as the reservoir production rate and 
pressure decline. 


The Qasr Compression Project scope comprises: 

Gas turbine driven single stage compressor sets 
Condensate export pumps 

Power generation 


DA nD DBD DW 


Utility systems 


1.2 Objective 


A SIL (Safety Integrity Level) Assessment has previously been carried out to 
establish the integrity required from the various safety instrumented systems used 
within the Qsar process design (Ref. 1). 


The aim of this report is to verify the IL (Integrity Level) achieved by the design as 
proposed (see Appendix A). 


Rannaice Nil L Gace Caneiulante lta Dann l af 98 Nata: Nlav 911 


SIL Verification Report 


GENESIS 
Qasr Compression Project FEED —" 


1.3 Scope 


This verification study is limited to the loops required to achieve SIL2 in (Ref. 1), 
noting that no loops were required to achieve a higher SIL. Table 1-1 contains a list 
of all the SIL2 loops identified, as well as an indication of the ones verified by the 
present study (extreme right column). 


Table 1-1: List of Loops Requiring SIL-2 Integrity & Study Scope 


Loop Identification System P&ID Action Scope of Verification 
ltem | Tag No. Required 
2 LIT-101 HH Process Gas Compression | 12211 | Compressor trip 1 
5 TIT-102 HH Process Gas Compression | 12212 | Compressor trip 2 
6 VIT-101 HH Process Gas Compression | 12212 | Compressor trip | Not evaluated (to be specified 
7 TIT-110 HH Process Gas Compression | 12212 | Compressor trip toicompressodvendon) 
g TIT-108 HH Process Gas Compression | 12213 | Compressor trip 3 
11 LIT-104 HH Process Gas Compression | 12214 | Compressor trip 4 
oil PIT-062 HH Flash Gas Compression 12262 | ESDV-013 5 
43 TIT-011 HH Fuel Gas System 12302 | Heater trip 6 
44 TIT-009 HH Fuel Gas System 12302 | Heater trip 7 
45 Weg HH, TIT-022B Fuel Gas System 12307 | Heater trip 8 
46 TIT-019A HH, TIT-019B Fuel Gas System 12307 | Heater trip 9 
47 TIA LL Fuel Gas System 12307 | Turbine trip 10 
54 LIT-344 HH Flare 12356 | ESD-2 Not evaluated - existing plant 


It should be noted two of the loops from the compressor system (VIT-101 HH and 
TIT-110 HH) have been excluded since these will be part of the vendor package and 
their SIL requirement should be specified to the vendor within the ITT (Invitation to 
Tender) package. 


One loop (LIT-344 HH) is noted to be an existing system, and is therefore excluded 
from the present study. This should be evaluated separately. 
1.4 SIL Assessment 


A total of 54 IPFs were identified as part of the SIL assessment (Ref. 1). The 
breakdown of classifications is shown in Table 1-2. 


Table 1-2: Summary of SIL Classifications 


Classification No. of IPFs Comments 

SIL 3 or 4 0 None 

SIL 2 13 The majority are financial, arising from failure of one or more compressors, or the 
HP fuel gas supply on which they depend. 

SIL 1 19 The majority of these are also financial. 

SIL 0 (or unclassified) 22 These are IPFs which are conventionally expected in a HAZOP, but which do not 
provide a substantial reduction in risk. 

Total IPFs Reviewed 54 


A total of 13 IPFs were identified as SIL 2. 
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2 ASSESSMENT 


2.1 Reliability Targets 
The quantitative reliability targets associated with each SIL are listed in Table 2.1. 


Table 2-1 Safety Integrity Level Reliability Targets 


Safety Integrity Level | Probability of Failure on Demand (X) 
4 X<1x10 
3 1x107 <X<1 x10” 
2 1x107 <X<1 x10” 
1 1x107 <X<1 x10" 


2.2 Methodology 


The reliability of each loop was determined using fault tree analysis (Appendix B) 
based on the components and configurations shown in Appendix A. The analysis 
identified failure combinations that could cause overall failure of the loop to operate 
on demand. 


The methodology and failure data used are based on the PDS approach 
documented in Ref. 2 & 3. 


2.3 Assumptions 


2.3.1 Failure Rate Data 


Equipment failure rate data has been taken from the SINTEF report; Reliability Data 
for Safety Instrumented Systems (Ref. 2). This data provides a consistent generic 
database for reliability assessment of control and safety systems. The values used 
are listed in Table 2-2. 


Table 2-2 Equipment Failure Rates (SINTEF 2010) 


Component in À crit Àp cD CS Apu Asu SFF Bar | B App 
SINTEF Data 
Ae | 0/10" kes Teas | V10 | 10° (10° 
hrs) hrs) Ze Ze) hrs) hrs) hrs) 


List of Symbols 


Au = Rate of Critical Failures 
D = Rate of Dangerous Failures 
CD = Fraction of Dangerous Failures Detected by Automatic Self-testing 
CS = Fraction of Safe Failures Detected by Automatic Self-testing 
Apu = Rate of Dangerous Undetected Failures 
Ae = Rate of Safe Undetected Failures 
SFF = Safe Failure Fraction 
d = Probability of Test independent Failures 
B = Common Cause Failure Factor 
App = Dangerous Detected Failure Rate 
Pressure transmitter 1.3 0.8 0.6 0.3 0.3 0.4 | 0.77 | 5E- 
04 | 0.04 | 0.50 
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Component in Acrit Ap CD CS Apu Asu SFF | Pre | H App 
SINTEF Data 

(10° | (10° | (=à | (=A | Y 10° | 7 10° (/ 10° 

hrs) hrs) Ze) /Xs) hrs) hrs) hrs) 
Level (displacement) 3 1.4 0.6 0.3 0.6 1.1] 0.8 | 5E- 
transmitter 04 | 0.04 | 0.80 
Temperature 2 0.7 60% | 30% 0.3 0.9 | 85% | 5E- 
transmitter 04 | 0.04 | 0.40 
Temperature 2 0.7 60% | 30% 0.3 0.9 | 85% | 5E- 
transmitter 04 | 0.04 | 0.40 
Programmable 3.2 1.6 90% | 20% 0.16 1.3 | 95% 
safety system 1.44 
- Analogue input 
(single) 
Programmable 9.6 4.8 | 90% | 20% 0.48 3.8 | 95% | 5E- 
safety system 05 | 0.05 | 4.32 
- CPU (1001) 
Programmable 3.2 1.6 90% 20% 0.16 1.3 | 95% 
safety system 1.44 
- Digital output 
(single) 
Circuit breaker 0.8 0.3 0.3 0.5 | 68% | 5E- 
(large) 05 | 0.03 | - 
ESV / XV incl. 5.3 3} 30% | 10% 2.1 2.1 | 60% | 1E- 
actuator (ex. pilot) 04 | 0.03 | 0.90 
Pilot / solenoid valve 3 1.1 30% | 10% 0.8 1.7 | 73% - 

0.30 


2.3.2 Test Frequency 
The basic assumptions that underpin the analysis are summarised in Table 2-3. 
Table 2-3: Summary of Assumptions for Each Component 


Ref. | Item Description Intervention | Active | MTTR | T (test t 
Time Repair interval) 
Time 
(hrs) (hrs) (hrs) | (months) | (hrs) 
A Pressure detection failure (PIT) - 8.0 8 12 2 
B Level detection failure (LIT) - 8.0 8 12 2 
C1 Temperature detection failure - A (TIT) - 8.0 8 12 2 
C2 | Temperature detection failure - B (TIT) - 8.0 8 12 2 
D1 Failure of ICSS to initiate shutdown (Al) - 8.0 8 12 2 
D2 | Failure of ICSS to initiate shutdown (CPU) - 8.0 8 12 2 
D3 | Failure of ICSS to initiate shutdown (DO) - 8.0 8 12 2 
E Failure to trip compressor (large relay) - 8.0 8 12 2 
F ESDV failure - 8.0 8 12 2 
G Pilot / Solenoid valve (ESD) - 8.0 8 12 2 
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It should be noted that sensors, actuated elements and logic solvers are assumed to 
be tested every 12 months. 


No benefit for testing of valves due to close demands from the control system not 
associated with a hazardous situation is taken. 


In view of the fact that details of the control loops are not available at this stage, the 
study has erred on the side of caution with respect to voting (e.g. logic solver in the 
ICSS has been taken 
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3 RESULTS 
Table 3-1 Summary of Predicted PFDs & SIL 
Summary of SIL Assessment Loop Components SIL Required Loop Comments 
Trip System P&ID | Role of Protective | Detection Logic | Final Integrity 
Description Protection Action Solver | Element (estimated) 
Function Required Tit | Tit | PIT Saf. | Fin. | Env. | Ov. PFD | SIL 
2 | LIT-101 Process Gas | 12211 | Prevent liquid Compressor xX X Large 2 2 8.0E-03 2 OK 
HH Compression carry-over from trip relay 
compressor 
suction drum into 
gas compressor. 
5 | TIT-102 Process Gas 12212 | To trip the Compressor X X Large 2 2 6.7E-03 2 OK 
HH Compression compressor and trip relay (Note - 
discharge cooler assessment 
on high discharge assumes only 
temperature and compressor trip is 
prevent flow to critical, i.e. 
export manifold discharge cooler 
trip not included 
in calcs.) 
6 | VIT-101 Process Gas | 12212 | To trip the Compressor Large 2 2 Vibration trip 
HH Compression compressor and trip relay should be part of 
discharge cooler at vendor package - 
high compressor SIL requirement 
vibration and should be 
prevent flow to specified in ITT 
export manifold for vendor to 
provide 
7 | TIT-110 Process Gas 12212 | To trip the Compressor X X Large 2 2 Temperature trip 
HH Compression compressor and trip relay should be part of 
discharge cooler at vendor package - 
high compressor SIL requirement 
bearing should be 
temperature and specified in ITT 
prevent flow to for vendor to 
export manifold provide 
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Summary of SIL Assessment Loop Components SIL Required Loop Comments 
Trip System P&ID | Role of Protective | Detection Logic | Final Integrity 
Description Protection Action Solver | Element (estimated) 
Function Required Tit] TIT | PIT Saf. | Fin. | Env. | Ov. | PFD [SIL 
9 | TIT-108 Process Gas 12213 | To trip compressor | Compressor X X Large 2 1 2 6.7E-03 2 OK 
HH Compression and discharge trip relay (Note - 
cooler at high assessment 
discharge assumes only 
temperature and compressor trip is 
prevent flow to critical, i.e. 
export manifold discharge cooler 
trip not included 
in calcs.) 
11 | LIT-104 Process Gas 12214 | Prevent liquid Compressor X X Large 2 1 2 8.0E-03 2 OK 
HH Compression carry over into the | trip relay 
second stage 
compression 
system and gas 
export manifold 
31 | PIT-062 Flash Gas 12262 | To protect the ESDV-013 X X ESDV 2 1 2 1.8E-02 1 Additional 
HH Compression flash gas measures 
compression required (e.g. 
system from Second ESDV) 
potential over 
pressurisation due 
to reverse flow 
from process gas 
compressors 
suction. 
43 | TIT-011 Fuel Gas 12302 | To protect the Heater trip X X Large 2 2 1 2 6.7E-03 2 OK 
HH System piping downstream relay 
of the HP fuel gas 
preheater and the 
HP fuel gas KO 
drum from over 
heating 
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Summary of SIL Assessment Loop Components SIL Required Loop Comments 
Trip System P&ID | Role of Protective | Detection Logic | Final Integrity 
Description Protection Action Solver | Element (estimated) 
Funetion Required Tit] Tit | Pit Saf. | Fin. | Env. | Ov. | PFD | SIL 
44 | TIT-009 Fuel Gas 12302 | To protect the Heater trip X X Large 2 2 1 2 6.7E-03 2 OK 
HH System heater elements relay 
from over heating. 
45 | TIT- Fuel Gas 12307 | To trip the HP fuel Heater trip X X Large 2 2 1 2 6.7E-03 2 OK 
022A System gas heater and relay 
HH, 08- protect the HP and 
TIT- LP fuel gas 
022B HH systems from 
excessively high 
temperatures 
46 | TIT- Fuel Gas 12307 | To cut the power Heater trip X X Large 2 1 2 6.7E-03 2 OK 
019A System supply in the event relay 
HH, 80- of thermal 
TIT- overload to the 
019B HH heater. 
47 | TDI-034 Fuel Gas 12307 | To protect the gas | Turbine trip xX X Large 2 2 6.7E-03 2 OK 
LL System turbines from non relay 
superheated gas 
Flare 12356 | To shut the plant ESD-2 X 2 2 1 2 Not analysed - 
down if the is high insufficient 
level in the flare information 
KO drum. 
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4 CONLUSIONS & RECOMMENDATIONS 


4.1 Conclusions 


1. Thirteen protective loops have previously been identified to require an 
integrity level of SIL2 in Ref. 1. 


2. The present report has evaluated the design of ten of the identified loops to 
verify that the required integrity is achieved by the design as currently 
proposed in Appendix A. 


3. Two of the remaining loops have been omitted since they are part of the 
compressor package and have therefore been included in the EPC Scope of 
Work document (Ref. 5). 


4. Loop 54 is part of the existing facilities and has therefore been excluded from 
the present analysis and therefore has been included in the EPC Scope of 
Work document (Ref. 5). 


5. The SIL verification results are summarised in Table 3-1, which show all 
except one (loop 31) of the ten loops evaluated will satisfy their respective SIL 
targets. 


6. The target for loop 31 (PIT-O62HH) is not met by the current system 
architecture. The largest contribution to failure probability is from the final 
element (ESDV). The design of this loop needs to be developed further. 


4.2 Recommendations 


1. The design of loop 31 should be modified to achieve a SIL 2 standard. This 
may be possible by including a second ESDV to improve the integrity of 
isolation. 
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APPENDIX A — SUPPORTING INFORMATION 


5.1 P&IDs (marked-up) 
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APPENDIX B — CALCULATION SUMMARY 
Figure B-1 Item 2: Level Trip (LIT-101 HH) 
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Top Event Calculations 
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Figure B-2 Item 5: Temperature Trip (TIT-102 HH) 
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iii) Minimal Cut-sets 
T = (C1 + D1 + D2+ D3 + E) 


iv) Base Event - Failure Probabilities 
Base Event '(calcs. In Appendix Section bdFailure 


Prob 
A|Pressure detection failure (PIT) 2E-03 
B|Level detection failure (LIT) 3E-03 
C1|Temperature detection failure - A (TIT) 2E-03 
C2|Temperature detection failure - B (TIT) 2E-03 
D1|Failure of ICSS to initiate shutdown (Al) 7E-04 
D2|Failure of ICSS to initiate shutdown (CPU) 2E-03 
D3|Failure of ICSS to initiate shutdown (DO) 7E-04 
E|Failure to trip compressor (large relay) 1E-03 
FJESDV failure 9E-03 
GI|Pilot / Solenoid valve (ESD) 
v) Top Event Calculations 
Cut-set Base CCF- |PFD Failure |% Comme 
Í _|ltems 
ist 2nd 3rd Indep't CCF 
C1 1 1 1 1.8E-03 1.8E-03| 27.0% 
D1 1 1 1 7.0E-04 7.0E-04| 10.4% 
D2 1 1 1 2.2E-03 2.2E-03] 32.1% 
D3 1 1 1 7.0E-04 7.0E-04| 10.4% 
E 1 1 1 1.4E-03 1.4E-03} 20.3% 
1 1 1 
1 1 1 
1 1 1 
1 1 1 
1 1 1 
1 1 1 
1 1 1 
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Figure B-3 Item 9: Temperature Trip (TIT-108 HH) 
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iii) Minimal Cut-sets 
T = (C1 + D1 + D2+ D3 + E) 


iv) Base Event - Failure Probabilities 
Base Event '(calcs. In Appendix Section bdFailure 


Prob 
A|Pressure detection failure (PIT) 2E-03 
B|Level detection failure (LIT) 3E-03 
C1|Temperature detection failure - A (TIT) 2E-03 
C2|Temperature detection failure - B (TIT) 2E-03 
D1} Failure of ICSS to initiate shutdown (Al) 7E-04 
D2| Failure of ICSS to initiate shutdown (CPU) 2E-03 
D3} Failure of ICSS to initiate shutdown (DO) 7E-04| 
E|Failure to trip compressor (large relay) 1E-03 
FJESDV failure 9E-03 
G|Pilot / Solenoid valve (ESD) 
v) Top Event Calculations 
Cut-set Base CCF- |PFD Failure |% Comme 
2nd 3rd Indep't CCF 
C1 1 1 1 1.8E-03 1.8E-03| 27.0% 
D1 1 1 1 7.0E-04 7.0E-04} 10.4% 
D2 1 1 d 2.2E-03 2.2E-03} 32.1% 
D3 1 1 1 7.0E-04 7.0E-04| 10.4% 
E 1 1 1 1.4E-03 1.4E-03} 20.3% 
i 1 1 
1 1 1 
N 1 1 
ll 1 d 
1 1 1 
1 1 1 
1 1 1 
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Figure B-4 Item 11: Level Trip (LIT-104 HH) 
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Figure B-5 Item 31: Pressure Trip (PIT-062 HH) 
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iii) Minimal Cut-sets 
T = (A+D1+D2+D3+F+G) 
iv) Base Event - Failure Probabilities 
Base Event '(calcs. In Appendix Section bdFailure 
Prob 
A|Pressure detection failure (PIT) 2E-03 
B|Level detection failure (LIT) 3E-03 
C1|Temperature detection failure - A (TIT) 2E-03 
C2|Temperature detection failure - B (TIT) 2E-03 
D1|Failure of ICSS to initiate shutdown (Al) 7E-04| 
D2|Failure of ICSS to initiate shutdown (CPU) 2E-03 
D3|Failure of ICSS to initiate shutdown (DO) 7E-04| 
E|Failure to trip compressor (large relay) 1E-03 
FJESDV failure 9E-03 
G|Pilot / Solenoid valve (ESD) 4E-03 
v) Top Event Calculations 
Cut-set Base CCF- |PFD Failure |% Comme 
Events `: Items 
PS 2nd | 3rd 1st 2nd 3rd Indep't CCF 
A 1 1 1 1.8E-03 1.8E-03] 10.0% 
D1 1 1 1 7.0E-04 7.0E-04 3.9% 
D2 1 1 1 2.2E-03 2.2E-03] 11.9% 
D3 1 1 1 7.0E-04 7.0E-04 3.9% 
F 1 i 1 9.3E-03 9.3E-03] 51.5% 
G 1 1 1 3.5E-03 3.5E-03} 19.4% 
1 { 1 
1 1 1 
1 1 1 
1 1 1 
1 i] 1 
1 1 1 
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Figure B-6 Item 43: Temperature Trip (TIT-011 HH) 
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Figure B-7 Item 44: Temperature Trip (TIT-009 HH) 
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Figure B-8 Item 45: Temperature Trip (TIT-022A/B HH) 
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Base Event '(calcs. In Appendix Section bdFailure 
Prob 
A|Pressure detection failure (PIT) 2E-03 
B|Level detection failure (LIT) 3E-03 
C1|Temperature detection failure - A (TIT) 2E-03 
C2|Temperature detection failure - B (TIT) 2E-03 
D1|Failure of ICSS to initiate shutdown (Al) 7E-04| 
D2|Failure of ICSS to initiate shutdown (CPU) 2E-03 
D3}Failure of ICSS to initiate shutdown (DO) 7E-04| 
E|Failure to trip compressor (large relay) 1E-03 
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D1 1 1 1 7.0E-04 7.0E-04} 10.4% 
D2 1 1 1 2.2E-03 2.2E-03] 32.1% 
D3 1 1 1 7.0E-04 7.0E-04) 10.4% 
E 1 1 1 1.4E-03 1.4E-03] 20.3% 
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Figure B-9 Item 46: Temperature Trip (TIT-019A/B HH) 
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Figure B-10 Item 47: Temperature Trip (TDI-034 LL) 
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iii) Minimal Cut-sets 
T = (C1 + D1+D2+D3 + E) 


iv) Base Event - Failure Probabilities 


Base Event ‘(calcs. In Appendix Section bd Failure 
Prob 
A|Pressure detection failure (PIT) 2E-03 
B|Level detection failure (LIT) 3E-03 
C1|Temperature detection failure - A (TIT) 2E-03 
C2|Temperature detection failure - B (TIT) 2E-03 
D1|Failure of ICSS to initiate shutdown (Al) 7E-04 
D2|Failure of ICSS to initiate shutdown (CPU) 2E-03 
D3|Failure of ICSS to initiate shutdown (DO) 7E-04 
E|Failure to trip compressor (large relay) 1E-03 
FJESDV failure 9E-03 
G|Pilot / Solenoid valve (ESD) 
v) Top Event Calculations 
Cut-set Base CCF- |PFD Failure |% Comme 
Events `  |items 
CEA e [ist 2nd 3rd Indep't CCF 
C1 i 1 1 1.8E-03 1.8E-03] 27.0% 
D1 1 1 1 7.0E-04 7.0E-04| 10.4% 
D2 1 1 1 2.2E-03 2.2E-03] 32.1% 
D3 il 1 1 7.0E-04 7.0E-04| 10.4% 
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